The collaboration industry is transitioning away from premise deployed infrastructure, signaling, and media control toward cloud-hosted offerings. However, providers of cloud-hosted offerings encounter new challenges in satisfying customers' privacy and security concerns. The provider should work to ensure that devices (e.g., Internet Protocol (IP) telephones) registering against a cloud based discovery service can do so securely and simply. In particular, sending private data, such as security data, to a public, cloud based discovery service during initial registration may present an opportunity to attack the foundation of subsequent connections. In other words, all of the registration, configuration, and bootstrap data should remain under full control of the customer.
One solution that cloud providers have presented uses an external Key Management System (KMS) under the customer's control. Each customer's KMS retains control of media encryption keys, and the cloud provider does not have access to the encryption keys. Existing KMS systems rely on an initial bootstrap process that assumes the client devices has established trust anchors and knows the identity and address of its KMS. Typically, during the device registration/discovery process, the client device fully trusts the cloud provider, shares all credential and configuration information with the cloud provider, and does not need to discover the cloud provider. For example, many software products require entry of a license key in order to activate the product. However, this activation model does not require discovery of a cloud provider in order to activate the software. In this case, entry of a Microsoft® license key will result in the software product contacting a well-known Microsoft service in order to validate the activation code/license key. This model fully trusts the cloud provider (e.g., Microsoft).